[Plura-list] TSA is hoarding N95s; Look at this banana gondola; America is united; $3 router rebooter

Cory Doctorow doctorow at craphound.com
Thu May 7 13:34:45 EDT 2020


Reminder: I'm doing a (videoconference) talk and chairing a (remote)
panel at the Essence of Wonder sf convention this weekend:


Today's links

* The TSA is hoarding N95s: It doesn't even use 'em.

* Look at this banana gondola.: Just look at it.

* America is united: Turkeys skeptical about Christmas.

* $3 router rebooter: If no_google then reboot.

* EFF's Guide to Digital Rights During the Pandemic: Digital rights are
human rights.

* Wink will brick your smart home if you don't pay a monthly fee: How
you act in bad times reveals your true character.

* Helicopter flyover of deserted Disneyland: We find it delightfully
unlivable here in this ghostly retreat.

* EU: "Cookie walls violate the GDPR": Another blow to cookie consent

* Unix and Adversarial Interoperability: The "one weird antitrust trick"
that defined modern computing.

* Sidewalk Labs pulls out of Toronto: Sic Semper Boondoggle.

* Wechat spies on non-Chinese users for in-China censorship: Your dank
memes, banned in realtime.

* Hidden doors disguised as bookcases: No books harmed.

* Vent dragons: Alas, you can't use them as working vent covers.

* This day in history: 2010, 2015, 2019

* Colophon: Recent publications, upcoming appearances, current writing
projects, current reading


🧐 The TSA is hoarding N95s

Charles Kielkopf is a TSA attorney based in Columbus, OH. In an
whistleblower complaint filed Mon, he says that TSA is hoarding 1.3m N95
 masks that it isn't using, even as other federal agencies like the VA
go begging for PPE for high-risk workers.


Use of America's airports have fallen by 95% and the TSA has asked most
of its screeners to stay home. Those screeners that are working are
wearing surgical masks, as they have not been trained to fit N95 masks.

The masks were a gift to the TSA from Customs and Border Protection,
which located a forgotten cache of masks in a warehouse. Most are now in
a warehouse near DFW, though many have been dispersed to supply
cupboards in other US airports.

TSA managers are at a loss when it comes to the masks. Minnesota TSA
security director Cliff Van Leuven sent a memo to TSA bosses: "“I just
received 9,000 N-95 masks that I have very little to no need for."

"I’d like to donate the bulk of our current stock of N-95s [to the
Minnesota Department of Health] and keep a small supply on hand."

Weeks later, he wrote, "I have been very disappointed in our position to
keep tens of thousands of n95 masks while healthcare workers who have a
medical requirement for the masks — because of their contact with
infected people — still go without.”


🧐 Look at this banana gondola.

Just look at this banana-celery gondola.


Just look at it.

Toothpick is a verb!

"Toothpick on a partly reeled radish and draw on features with food
color....A long piece of uncooked spaghetti is a boatman's pole."

Here's a simpler, modern version that uses toothpicks, but not straight
pins, which is a pity...What makes a kid's novelty dessert better than
hidden straight pins?



🧐 America is united

Rightist politics are intrinsically antimajoritarian. The underlying
premise of right wing movements is that the many should be dominated by
the few, though different strains differ on who should rule: men, white
people, America, bosses, kings, etc.


For the right to dominate in democracies, it requires that turkeys be
convinced to vote for Christmas, for example by convincing evangelicals
that supporting the rule of the finance sector will get them
performative cruelty to women seeking abortions.


But there are limits to this. Once the farmer starts grabbing and
beheading turkeys, he'll lose support for his Turkeys For Christmas
movement. That's what's happening in America today.


The tiny minority who'd benefit from the premature re-opening of
businesses (large shareholders in large corporations that might survive
such a blunder) want the rest of us to throw ourselves in the volcano to
appease the economy gods.

The tiny minority who'd benefit from the premature re-opening of
businesses (large shareholders in large corporations that might survive
such a blunder) want the rest of us to throw ourselves in the volcano to
appease the economy gods.

If "Stay at Home" was a political party, it would sweep every state
house and governor's race, the House of Reps, the Senate, and the
Presidency. It's the most unifying issue in American politics today.

Which is why the gloves have come off. "Vote for Christmas" has been
replaced with "Vote for Christmas...or else" with measures like Ohio's
snitchline where bosses can report workers who won't come back because
they fear for their lives.

The message is: risk death at work, or risk starvation and homlessness
when we take away your benefits.



🧐 $3 router rebooter

Mike Diamond is a lawyer/hacker/maker whose latest gadget is a $3 router


It sits on the power line of your home router, using its internet to
periodically ping Google. If Google can't be reached, it powers down
your router, waits a few, and brings it back up again.

(on the assumption that an unreachable Google is more likely the result
of a hung router than a problem with Google's server farms).

The gadget uses a $1.50 ESP8266 board and a single relay and gets power
from a 5v, 1A cellphone charger that was lying around.

Coming soon: a version that pings you when it cycles the router, and
keeps logs.


🧐 EFF's Guide to Digital Rights During the Pandemic

For 30 years, orgs like EFF have argued that digital rights are human
rights and that the exercise of the latter requires the former. This has
never been more true than it is now, during the pandemic.

So this new ebook, "EFF's Guide to Digital Rights During the Pandemic,"
could not be more timely:

* Surveillance
* Free Speech
* Government Transparency
* Innovation
* Living More Online


These aren't hot takes, they're "written based on our decades of
experience tangling with rapid societal and technological change."

The ebook is licensed CC BY. Many, many, MANY thanks to the amazing
Tobias Buckell for his work getting this formatted as a proper ebook!


🧐 Wink will brick your smart home if you don't pay a monthly fee

Wink makes home automation systems for "smart homes." You buy their
gadgets and you integrate them into your house and then use their app to
control them. They claim to have connected 4,000,000 devices since 2014.

Now they've unilaterally altered the deal, announcing that customers
must immediately start paying a $5/month subscription fee or their
devices will be bricked.


"Wink has relied solely on the one-time fee derived from hardware sales
to cover ongoing cloud costs, development, and customer
support...however, long term costs and recent economic events have
caused additional strain on our business."

They say that they have to do this because they don't spy on you to sell
your data, so they need another revenue stream to see them through the
pandemic. I have no reason to doubt them.

And as someone who's been plunged into economic uncertainty by the
crisis, I sympathize.

But this...

"Should you choose not to sign up for a subscription you will no longer
be able to access your Wink devices from the app, with voice control or
through the API, and your automations will be disabled on May 13."

...is bullshit.

Here's the thing; there are LOTS of companies that sold you things and
are struggling to keep them going. Macmillan sold you the first two
Little Brother books, and they're about to bring out the third, Attack
Surface, on Oct 12.

They've also done layoffs, paycuts, etc.

I have lots of sympathy for Macmillan, too, but I don't think that
Macmillan should be allowed to announce that, in light of the crisis,
they're going to render your copies of the books they sold you
unreadable unless you start paying them a nominal monthly fee to keep going.

Not even if they want to argue that doing so will enable them to launch
the third Little Brother book in October. This is so unfair, so
unethical, that I wouldn't support it even though my own livelihood
might depend on it.

(To be clear, Macmillan isn't proposing this!)

That's why it's important to think about technological
self-determination beyond the crucial issue of privacy. Sure, having
your data harvested and sold is one way that technology can screw you
over, but it's just one way.

Tech can also take away your autonomy by preventing interoperability
(with terms of service, DRM, patents, etc), making you utterly dependent
on the vendor for ongoing access to, and enjoyment of, your property.

Laws like the DMCA, CFAA, etc make "adversarial interoperability" - when
you connect new things to existing services without permission - into a
potential felony. We can't afford to overlook this issue, even for
"privacy-respecting" companies.


It's what lets Wink Vader their policy changes: "I am altering the deal,
pray I don't alter it any further." They don't have to worry that their
customers or competitors will make new control panels for the devices
they sold, because they can sue them if they do.

This is why Apple is no better than Google, despite its insistence that
selling you devices at a premium means it doesn't have to spy on you.
Sure, it doesn't spy on you for ad-tech, but it uses its extraordinary
control to take away your self-determination in other ways.

Apple uses its monopoly on Ios apps to extract rents from vendors, who
raise prices on you. It uses its monopoly on parts and service to gouge
for repairs, and to unilaterally declare some products to be at their
end-of-life to force you to buy new ones.

It's no coincidence that Tim Cook's opening letter to investors in 2019
warned them that one of the company's biggest financial risks was that
customers were choosing to hang onto their devices for longer, rather
than replacing them.

And Apple's aversion to ad-tech is no guarantee of freedom from
surveillance. When the Chinese state ordered Apple to remove all working
privacy tools from its App Store so that its users could be spied on,
Apple complied.

Iphones only work with Apple's App Store, and making a tool to allow
alternative app store access is a DMCA 1201 felony. This decision leaves
Chinese users with no alternatives, even as the state is using mobile
surveillance to put 1M+ Uyghurs in concentration camps.

People reveal their moral character in bad times. It's cool to talk
about your respect for privacy in good times, but if you pull a Vader
when times turn bad (telling, not asking, your customers to open their
wallets to help you survive the crisis), it speaks volumes.

If "You bought it, you own it" can be trashed when the company is at
risk, then why not "we won't sell your data?"


🧐 Helicopter flyover of deserted Disneyland

Micah Muzio's Youtube features multiple camera views from his helicopter
as he flies over LA and nearby cities, like Las Vegas. He's been at it
for years but the crisis makes this far more interesting, with deserted
looks at normally busy places.


His latest video is a Disneyland flyover. Come for the empty I-5, stay
for the ghostly themepark.



🧐 EU: "Cookie walls violate the GDPR"

The purpose of the EU's General Data Protection Regulation was to
effectively ban the ad-tech industry and its practices by annihilating
the pretense that clicking "I agree" or loading a page that said, "You
agree" was the same as consent for tracking.


Under the GDPR, service providers would be forced to only collect data
for explicit, enumerated purposes that could be expressed in plain
language, and could only share data with other entities after each one
was explicitly approved by the user.

So if you operated a site that ran 50 trackers that harvested data that
was passed on to hundreds of brokers who passed it on to thousands of
other brokers, then each time you got a new user, you'd have to get
thousands of permissions from the user.

Each permission would have to be meaningful: you'd have to explain in
simple language what you were doing and why, and even if the user opted
out of that collection, you'd have to still let them proceed to the site.

The fact that users might just leave your site rather than saying "no"
2,000 times before being allowed to proceed was a feature, not a bug. It
was meant to expose the sham of consent.

Basically: "Obtaining informed consent to thousands of surveillance acts
takes hours of patient explaining, so whatever you were getting by
adding a line of 8pt grey-on-white type that said, 'By visiting this
site you consent to our privacy policy,' it was *not* consent."

But ad-tech didn't get the memo. They started to put up "cookie walls"
on their sites, pop-up boxes that basically said, "Accept our cookies or
fuck off."


That's not consent either, and the European Data Protection Board (EDPB)
just published guidelines saying so:


Also not consent: scrolling past a thing that says, "Please look at this
dashboard and tell us which acts of surveillance you're OK with." A user
who scrolls past that dialog should be presumed to have *withheld*
consent, not granted it.

"Actions such as scrolling or swiping through a webpage or similar user
activity will not under any circumstances satisfy the requirement of a
clear and affirmative action”

On Tech Crunch, Natasha Lomas calls this "cookie consent theatre," and
predicts new enforcement action, noting that "GDPR fines can scale as
high as €20M or 4% of global annual turnover."


🧐 Unix and Adversarial Interoperability

AT&T; invented the Unix operating system in 1969. Since then, it has
grown to be the basis of almost every computer you use today, from OS X
to GNU/Linux, Ios to Android, and all the embedded systems in the
"smart" gadgets in your world.

In the early days of Unix, all kinds of companies made their own
commercial versions: Sun, SGI, IBM, Apple, DEC, etc.

But AT&T; didn't.

The story of how AT&T; - a vicious monopolist that jealously guarded its
treasures - sat by while others commercialized, popularized and
perfected Unix is a fantastic parable about how anti-monopoly laws
connect with adversarial interoperability.


In short: AT&T; was only spared from a serious antitrust beat-down
because the Pentagon intervened to keep it intact during the Korean War.
The compromise the DoJ reached was to put AT&T; under a "consent decree"
that banned it from entering new markets.

So when the legends of Bell Telephone Labs (Ken Thompson, Dennis
Ritchie, et al) invented Unix, AT&T; just sat on it - until Thompson
presented it at a ACM meeting and people started clamoring for licenses
to it.

AT&T;'s lawyers were so gunshy of DoJ scrutiny that they let others use
and sell Unix on really open terms, and the community of Unix hackers
that emerged to swap patches and improvements created the ethic that
turned into the free software movement.

Meanwhile, AT&T;'s own scientists were so committed to technical
excellence that they defied their own bosses to distribute improvements
(like hiding data-tapes behind rocks in parks and then anonymously
tipping off Unix leaders about where to find them!).

As I write in my case-study, "The DoJ's didn't merely ban AT&T; from
certain monopolistic conduct—it set up rules and incentives that
encouraged AT&T; to share, and it stripped AT&T; of the legal weapons it
needed to stop competitors from making interoperable products."

Today, we've allowed Big Tech to distort the law to create a whole new
suite of tools to prevent interoperability: the anti-circumvention rules
in DMCA 1201, the CFAA, software patents, and more.

To see new weapons being fashioned before your very eyes, just look at
Oracle's bid to make APIs copyrightable.


Adversarial Interoperability once drove dynamism in tech: if your
technology dominated a sector, a rival would come along and make
something that plugged into it, robbing you of your big margins and
forcing you to innovate.

We've let Big Tech climb that ladder...and then kick it away. The
pirates of yesteryear have all become admirals.

To read more about adversarial interoperability, check out my other
articles and case studies.



🧐 Sidewalk Labs pulls out of Toronto

Sidewalk Labs is the Google/Alphabet division that did a deal with the
City of Toronto to turn part of the downtown into a private
surveillance-city where people who opted out of data-collection would be
punished for their privacy choices.

From the start, the company acted in deceptive and disreputable ways,
and suffered waves of resignations of its high-profile privacy board and
denunciations from the indigenous leaders it consulted with (and then
roundly ignored).


It became increasingly clear that even if "smart cities" were a good
idea, Sidewalk Labs wasn't. The company became a lightning rod for
criticism, but the city kept greenlighting new phases of the project.

Now, the project is dead.


CEO Dan Doctoroff (no relation) attributed the cancellation to a
collapse of the financial case for building it, which is just another
example of why your city's key infrastructure should not be built and
operated by private firms - they'll always leave you in the lurch.

Imagine if Sidewalk had walked away from the project AFTER it was built,
spitefully bricking the city on its way out the door.


🧐 Wechat spies on non-Chinese users for in-China censorship

Wechat from Tencent is the third most popular social media platform in
the world, primarily because it is the de facto standard for Chinese
social media, rolling up many other services like identity and payment.

Having conquered China, Wechat's new growth will come from the rest of
the world, and it has aggressively courted non-Chinese users - and while
Tencent acts as an arm of the Chinese state in conducting surveillance
and censorship in China, non-Chinese users weren't censored.

But that doesn't mean they weren't being spied upon - nor that the usage
of non-Chinese users didn't power Chinese censorship efforts.

In a major new paper, the University of Toronto's Citizen Lab reveals
that Tencent spies on non-Chinese users, too.


They proved that by looking at what happened to the censorship of
Chinese accounts when non-Chinese accounts exchanged documents -
including image files - that violated Chinese censorship rules.

They were able to show that shortly after two non-Chinese Wechat
accounts exchanged a document containing words blacklisted in China, the
document itself would be blacklisted for Chinese users, too.

It's a pretty conclusive smoking gun.


🧐 Hidden doors disguised as bookcases

I love decorating with books, by which I mean, "I own a lot of books and
need somewhere to put them, therefore they are my decor." But I'm also
very impressed by Original Book Works, who make decor elements that look
like bookcases and stacks of books.


They've got a wide product range and while I'm no fan of the "pretend
you're a reader by creating wall panels made from fake book spines," I'm
FAR more interested in secret doors, hidden safes and radiator covers
that look like rows and rows of books.


And to be clear, these are not actual old books that are destroyed to
make decor - they're basically a full employment scheme for talented
book-binders who make thin rows of leather book spines that appear to be

With one exception: the "paperback book panels" are "constructed from
genuine guillotined books," mounted on 3mm backing boards. And yeah,
I've worked with paperbacks enough to know that they're far more
disposable than you might think, but this still feels off to me.

Beyond the panels and doors, the company has a wide variety of
book-based novelties, including this fantastic ice-bucket.



🧐 Vent dragons

Artist David Lee Pancake makes a range of "Vent Dragons" - sculptures of
dragons with glowing eyes that appear to be crawling out of household
HVAC vents (you can't actually use them as vent covers alas).


He also does a mail-slot dragon:



🧐 This day in history

#10yrsago Linux users twice as generous as Windows users

#10yrsago Walt Disney World's Haunted Mansion: stupendous essay

#10yrsago FCC hands Hollywood the keys to your PC, home theater and
future https://boingboing.net/2010/05/07/fcc-hands-hollywood.html

#5yrsago Drug pump is "most insecure" devices ever seen by researcher

#5yrsago Appeals Court rejects NSA's bulk phone-record collection

#1yrago Charter's new way to be terrible: no more prorated cancellations

#1yrago Google will now delete your account activity on a rolling basis

#1yrago Human Rights Watch reverse-engineered the app that the Chinese
state uses to spy on people in Xinjiang

#1yrago "A Fire Story": a moving, beautiful memoir of the Calistoga
wildfire in comics form

#1yrago danah boyd explains the connection between the epistemological
crisis and the rise of far-right conspiratorial thinking


🧐 Colophon

Today's top sources: PZ (https://twitter.com/ziselberger), Pink
Frankenstein (https://twitter.com/pinkfranken/), Hackaday
(https://hackaday.com/), Bookshelf (https://www.onthebookshelf.co.uk/),
Sean Gallagher (https://twitter.com/thepacketrat), Slashdot
(https://slashdot.org/), Alvin Chung (https://twitter.com/ayhcheung),
Geekologie (https://geekologie.com/).

Currently writing: My next novel, "The Lost Cause," a post-GND novel
about truth and reconciliation. Yesterday's progress: 522 words (12448

Currently reading: Facebook: The Inside Story, by Steven Levy.

Latest podcast: Someone Comes to Town, Someone Leaves Town (part 02)

Upcoming appearances:
May 7: The Collapse, Re:publica https://re-publica.tv/de/session/collapse
 May 9: Being Civil With Security Experts, Essence of Wonder,

Upcoming appearances:

* May 7: The Collapse, Re:publica https://re-publica.tv/de/session/collapse

* May 9: Being Civil With Security Experts, Essence of Wonder,

Upcoming books: "Poesy the Monster Slayer" (Jul 2020), a picture book
about monsters, bedtime, gender, and kicking ass. Pre-order here:

"Attack Surface": The third Little Brother book, Oct 20, 2020.

"Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden: https://us.macmillan.com/books/9781250774583

This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commerically,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.


Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.


🧐 How to get Pluralistic:

Blog (no ads, tracking, or data-collection):


Newsletter (no ads, tracking, or data-collection):


Mastodon (no ads, tracking, or data-collection):


Twitter (mass-scale, unrestricted, third-party surveillance and


Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):


*When life gives you SARS, you make sarsaparilla* -Joey "Accordion Guy"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20200507/0adb651a/attachment-0001.sig>

More information about the Plura-list mailing list